Uwe Hermann - fingerprinthttp://www.hermann-uwe.de/taxonomy/term/413/0
enForensic Discovery - a (free) book by Wietse Venema and Dan Farmer about forensic techniques for gathering digital evidencehttp://www.hermann-uwe.de/blog/forensic-discovery-a-free-book-by-wietse-venema-and-dan-farmer-about-forensic-techniques-for-gathering-digital-evidence
<p>I accidentally stumbled over this today: the book <a href="http://www.porcupine.org/forensics/forensic-discovery/">Forensic Discovery</a>, written by two security gurus &mdash; <a href="http://en.wikipedia.org/wiki/Wietse_Venema">Wietse Venema</a> and <a href="http://en.wikipedia.org/wiki/Dan_farmer">Dan Farmer</a> - has been <a href="http://www.awprofessional.com/bookstore/product.asp?isbn=020163497X&amp;rl=1">published by Addison-Wesley</a>.</p>
<p>Which is nice and all, but even nicer is the fact that <a href="http://www.porcupine.org/forensics/forensic-discovery/">the book is freely available for online reading</a>. There's also a <a href="http://www.porcupine.org/forensics/forensic-discovery/forensic-discovery-book.zip">ZIP-file</a>, if you want to get the whole thing.</p>
<p>This should make for some interesting reading during the next few weeks...</p>
http://www.hermann-uwe.de/blog/forensic-discovery-a-free-book-by-wietse-venema-and-dan-farmer-about-forensic-techniques-for-gathering-digital-evidence#commentsbookcrackingdatadigitaldumpevidencefingerprintforensicshackingsecuritytracksFri, 10 Feb 2006 03:13:50 +0100Uwe Hermann775 at http://www.hermann-uwe.dePlay-Doh fingers can fool 90% of all fingerprint scannershttp://www.hermann-uwe.de/blog/play-doh-fingers-can-fool-90-percent-of-all-fingerprint-scanners
<p>Oops. <a href="http://www.engadget.com">Engadget</a> reports that <a href="http://www.engadget.com/entry/1234000473072056/">Play-Doh fingers can fool 90% of all fingerprint scanners</a>. This is <a href="http://www.cryptome.org/gummy.htm">nothing</a> <a href="http://www.puttyworld.com/thinputdeffi.html">really</a> <a href="http://www.ccc.de/biometrie/fingerabdruck_kopieren.xml?language=en">new</a>. The remarkable thing is that more and more companies and government organizations rely on such <a href="http://en.wikipedia.org/wiki/Biometrics">biometric authentication</a>. Now, they all <em>have</em> been told about the problems, but nobody seems to want to listen...</p>
<p>(via <a href="http://techdirt.com/articles/20051212/110218_F.shtml">Techdirt</a>)</p>
http://www.hermann-uwe.de/blog/play-doh-fingers-can-fool-90-percent-of-all-fingerprint-scanners#commentscccfakefingerprintfoolgovernmentplay-dohscannersecurityTue, 13 Dec 2005 02:44:46 +0100Uwe Hermann620 at http://www.hermann-uwe.deThe Underhanded C Contest - Resultshttp://www.hermann-uwe.de/blog/the-underhanded-c-contest-results
<p>Being too busy sucks. I didn't even have the time to blog about the <a href="http://bingweb.binghamton.edu/~scraver/underhanded/">Underhanded C Contest</a>, whose <a href="http://bingweb.binghamton.edu/~scraver/underhanded/results.html">results</a> have now been announced.</p>
<p>Quick reminder: the goal of the contest is to</p>
<blockquote><p>
write innocent-looking C code implementing malicious behavior. In many ways this is the exact opposite of the Obfuscated C Code Contest: in this contest you must write code that is as readable, clear, innocent and straightforward as possible, and yet it must fail to perform at its apparent function. To be more specific, it should do something subtly evil.
</p></blockquote>
<p>I <a href="http://www.hermann-uwe.de/blog/the-underhand-c-contest">blogged about the contest</a> earlier, but only later decided to take part in the contest myself (together with <a href="http://blog.dhreutter.de/">Daniel Reutter</a>). After some initial brainstorming we hacked together <a href="http://bingweb.binghamton.edu/~scraver/underhanded/entries/underhanded2005.tar">our solution</a> in roughly one day.</p>
<p>Although we didn't win (damn, no beer for us ;-), we managed to submit one of the simplest solutions (ca. 34 lines of code), i.e., it's very hard to embed any malicious but innocent-looking code in there... Our solution exploits an array bounds overrun, with an extra equals sign ("<=" instead of "<").</p>
<p>I have yet to look at the two winning entries by M. Joonas Pihlaja and Paul V-Khuong (team submission), as well as Natori Shin. Congratulations guys! Also, I noticed the <a href="http://developers.slashdot.org/article.pl?sid=05/09/18/158200">Slashdot story</a> about the contest results, but didn't get around to read that article, either. Sigh...</p>
http://www.hermann-uwe.de/blog/the-underhanded-c-contest-results#commentsbeerccodecontestfingerprintmaliciousperlrubysecurityslashdottrojanunderhandedFri, 23 Sep 2005 03:46:47 +0200Uwe Hermann383 at http://www.hermann-uwe.de